← Back to CVEs
CVE-2022-22781
HIGH7.5
Description
The Zoom Client for Meetings for MacOS (Standard and for IT Admin) prior to version 5.9.6 failed to properly check the package version during the update process. This could lead to a malicious actor updating an unsuspecting user’s currently installed version to a less secure version.
CVE Details
CVSS v3.1 Score7.5
SeverityHIGH
CVSS VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityHIGH
Privileges RequiredNONE
User InteractionREQUIRED
Published4/28/2022
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
zoom:meetings
Weaknesses (CWE)
CWE-354
References
https://explore.zoom.us/en/trust/security/security-bulletin/(security@zoom.us)
https://explore.zoom.us/en/trust/security/security-bulletin/(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.